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Abstract 


This document describes how Private Enterprise Numbers (PENs) are registered by IANA. It 
shows how to request a new PEN and how to modify a current PEN. It also gives a brief overview 
of PEN uses. 


Status of This Memo 


This document is not an Internet Standards Track specification; it is published for informational 
purposes. 


This document is a product of the Internet Engineering Task Force (IETF). It represents the 
consensus of the IETF community. It has received public review and has been approved for 
publication by the Internet Engineering Steering Group (IESG). Not all documents approved by 
the IESG are candidates for any level of Internet Standard; see Section 2 of RFC 7841. 


Information about the current status of this document, any errata, and how to provide feedback 
on it may be obtained at https://www.rfc-editor.org/info/rfc9371. 
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1. Introduction 


Private Enterprise Numbers (PENs) are identifiers that can be used anywhere that an ASN.1 
object identifier (OID) [ASN1] can be used. Originally, PENs were developed so that organizations 
that needed to identify themselves in Simple Network Management Protocol (SNMP) [RFC3411] 
Management Information Base (MIB) configurations could do so easily. PENs are also useful in 
any application or configuration language that needs OIDs to identify organizations. 


The IANA Functions Operator, referred to in this document as "IANA", manages and maintains 
the PEN registry in consultation with the IESG. PENs are issued from an OID prefix that was 
assigned to IANA. That OID prefix is 1.3.6.1.4.1. Using the (now archaic) notation of ownership 
names in the OID tree, that corresponds to: 


1 3 6 1l 4 1 
iso.org.dod.internet.private.enterprise 


A PEN is an OID that begins with the PEN prefix. Thus, the OID 1.3.6.1.4.1.32473 is a PEN. 
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1.1. Uses of PENs 


Once a PEN has been assigned to an organization, individual, or other entity, that assignee can 

use the PEN by itself (possibly to represent the assignee) or as the root of other OIDs associated 
with the assignee. For example, if an assignee is assigned the PEN 1.3.6.1.4.1.32473, it might use 
1.3.6.1.4.1.32473.7 to identify a protocol extension and use 1.3.6.1.4.1.32473.12.3 to identify a set 
of algorithms that it supports in a protocol. 


Neither IANA nor the IETF can control how an assignee uses its PEN. In fact, no one can exert 
such control: that is the meaning of "private" in "private enterprise number". Similarly, no one 
can prevent an assignee that is not the registered owner of a PEN from using that PEN, or any 
PEN, however they want. 


A very common use of PENS is to give unique identifiers in IETF protocols. SNMP MIB 
configuration files use PENs for identifying the origin of values. Protocols that use PENs as 
identifiers of extension mechanisms include RADIUS [RFC2865], Diameter [RFC6733], Syslog 
[RFC5424], RSVP [RFC5284], and vCard [RFC6350]. 


2. PEN Assignment 


PENs are assigned by IANA. The registry is located at <https://www.iana.org/assignments/ 
enterprise-numbers>, and requests for new assignments or the modification of existing 
assignments can also be submitted at that URL. 


IANA maintains the PEN registry in accordance with the "First Come First Served" registration 
policy described in [RFC8126]. Values are assigned sequentially. 


2.1. Requesting a PEN Assignment 


Requests for assignment must provide the name of the assignee, the name of a public contact 
who can respond to questions about the assignment, and contact information that can be used to 
verify change requests. The contact's name and email address will be included in the public 
registry. 


A prospective assignee may request multiple PENs, but obtaining one PEN and making internal 
sub-assignments is typically more appropriate. (Sub-assignments should not be reported to 
IANA.) 


IANA may refuse to process abusive requests. 


2.2. Modifying an Existing Record 


Any of the information associated with a registered value can be modified, including the name of 
the assignee. 
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Modification requests require authorization by a representative of the assignee. Authorization 
will be validated either with information kept on file with IANA or with other identifying 
documentation, if necessary. 


2.3. Deleting a PEN Record 


Although such requests are rare, registrations can be deleted. When a registration is deleted, all 
identifying information is removed from the registry, and the value is marked as "returned." 
Returned values will not be made available for reassignment until all other unassigned values 
have been exhausted; as can be seen in Section 3, the unassigned values are unlikely to ever run 
out. 


3. PEN Registry Specifics 


The range for values after the PEN prefix is 0 to 2**32-1. The values 0 and 4294967295 (2**32-1) 
are reserved. Note that while the original PEN definition had no upper bound for the value after 
the PEN prefix, there is now an upper bound due to some IETF protocols limiting the size of that 
value. For example, Diameter [RFC6733] limits the value to 2**32-1. 


There is a PEN number, 32473, reserved for use as an example in documentation. This 
reservation is described in [RFC5612]. 


Values in the registry that have unclear ownership are marked "Reserved". These values will not 
be reassigned to a new company or individual without consulting the IESG. 


4. IANA Considerations 


Per this document, IANA has made the following changes to the PEN registry: 


e Values 2187, 2188, 3513, 4164, 4565, 4600, 4913, 4999, 5099, 5144, 5201, 5683, 5777, 6260, 6619, 
14827, 16739, 26975, and the range from 11670 to 11769, which had been missing from the 
registry, have been listed as "Reserved." As described in [RFC8126], reserved values can be 
released by the IESG. 


e This document has been listed in the registry's "Reference" field. 
e "First Come First Served" has been listed as its registration procedure. 


5. Security Considerations 


Registering PENs does not introduce any significant security considerations. 


There is no cryptographic binding of a registrant in the PEN registry and the PEN(s) assigned to 
them. Thus, the entries in the PEN registry cannot be used to validate the ownership of a PEN in 
use. For example, if the PEN 1.3.6.1.4.1.32473 is seen in a protocol as indicating the owner of 
some data, there is no way to securely correlate that use with the name and assignee of the 
owner listed in the PEN registry. 
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